This invention relates to digital mobile communications systems and more particularly, to a method and system employing a protocol for establishing a secure secret key between two or more terminals through a network center.
1. Related Patents
This invention employs public-key-encryption concepts as disclosed in U.S. Pat. No. 4,200,770 entitled "Cryptographic Apparatus and Method", to W. Diffie and M. E. Hellman Apr. 29, 1980; U.S. Pat. No. 4,405,829 entitled "Cryptographic Communications System and Method", to R. Rivest, A. Shamir and L. Adleman, Sep. 20, 1983; and, U.S. Pat. No. 4,424,414, entitled "Exponentiation Cryptographic Apparatus and Method", to S. C. Pohlig and M. E. Hellman, which are all expressly incorporated herein by reference.
2. Description of the Prior Art
Awareness of the value of information together with advances in modern state-of-the-art telecommunications technologies including personal computers, local area networks, distributed data bases, packet radio, satellite teleconferencing, electronic mail, and electronic funds transfer, has stimulated and increased awareness of the vulnerability of communications links to intercept and of the susceptibility of databases to exploitation and tamper. This same telecommunications revolution has made the wide spread availability of technology for implementing techniques which can provide authenticated communications that also can be made secure against eavesdropping or tampering.
Prime users of a secure network of communicators include the banking community who has a need for ensuring that funds, electronically transferred, are sent correctly: a message authentication problem. Similarly, the stocks and securities community which operates on a computer network, has a requirement that the buy and sell of stocks are authentically sent to and from the correct person.
In response to this revolution and awareness, communicators increasingly have become aware of communications privacy and security. A technical solution for providing security against both eavesdropping and the injection of illegitimate messages, includes cryptography. Two generic approaches to key distribution are classical cryptographic techniques and public key cryptographic techniques. Classical cryptography requires that for ensuring secure communications, communicators must have keys that are identical. The encryption key is used to "lock" or secure the messages and a receiver must have an identical key to "unlock" or decrypt the messages. A problem arises with key distribution in a large network of communicators who wish to communicate with each other securely.
A major problem with classical cryptographic techniques is key distribution in a large network which requires n(n-1)/2 keys for n nodes. As shown in FIG. 1, a message, M, which is encrypted with an encryption key E.sub.A, into a cipher text, C, requires having the key distributed over a private channel to the receiver. This requirement includes generating, storing, distributing, destructing and archiving of key variables which are essential elements of encipherment. Typically, a courier is responsible for distributing the keys over the private channel. For a large network of communicators, this requires a courier to distribute the key to many users. Further, if all communicators in the network are using the same key, and if the key is compromised by any one communicator, then the whole network is compromised.
The advent of inexpensive electronics hardware has facilitated means for providing the security of communications. In computer communications networks in particular, public key cryptography, which may be viewed as a multiple access cryptographic technique, provides a relatively inexpensive means for distributing keys among communicators and ensuring communications privacy and message authentication in comparison to conventional cryptographic techniques.